Business agility has become a competitive weapon, and those who adapt faster and more often are winning in the marketplace. To reach customers in new ways, organizations have made forays into areas like e-commerce, curbside pickup, contactless payments and virtual visits. At the same time, they have had to evolve to keep their employees secure and productive by quickly implementing new software while ensuring seamless integration.
As organizations have accelerated their investments in digital initiatives, business and app teams have embraced the DevOps model, a process that speeds up software delivery. DevOps enables businesses to be agile enough to quickly adapt or be the first to market, which can have a tremendous impact on the bottom line.
It’s time for identity to join the DevOps party. For far too long, identity initiatives have been stretched to their limits while struggling to keep pace with application growth. DevOps is starting to gain traction in the identity space—and for good reason, since identity is a key part of application onboarding. Without collaboration between identity teams and DevOps teams, many of the intended benefits of DevOps can quickly unravel.
What Is DevOps?
The DevOps methodology for software development breaks down traditional silos by eliminating manual tasks and replacing them with automation via code so that releases and updates can be pushed out faster and more frequently. At its core, DevOps improves the efficiencies between app development and IT operations or infrastructure teams. Previously, developers would make manual requests to identity teams or IT ops and lose valuable time. In DevOps, the identity teams enable the software to be consumable via APIs or infrastructure-as-code, the preferred methods for developers.
In addition, the DevOps model has specific tools for implementation. The most common include Docker, which enables software in images or “containers,” and Kubernetes, the orchestration engine that manages containers. These tools allow developers to easily spin up infrastructure and perform updates with minimal interruption.
What DevOps Needs from Identity
When launching a new service or onboarding a new app, it’s critical to do so within an organization’s existing identity ecosystem. This is typically accomplished via a federation hub or centralized authentication services. But identity teams struggle to keep up with the sheer volume of requests that come from the DevOps environment, which greatly outnumber the release cycles of other application methodologies.
And let’s face it, your app teams and developers don’t care about the ins and outs of identity. They want to run code and have everything stood up for them. By the same token, your identity team doesn’t need to have DevOps experts to enable developers.
Here are the features developers need from any identity solution:
Self-service and automation
All these aspects enable speed by eliminating repetitive manual requests, meetings and unnecessary bureaucratic processes. However, by improving accessibility for developers, it doesn’t mean your identity teams have less control. In fact, it lessens the amount of burdensome maintenance tasks for identity teams and allows them to focus more on innovation.
How to Enable Identity for DevOps
In order for identity to be consumed in a DevOps environment, identity teams need to prepare pre-configured profiles or images. Next, they need to make them easily available on the most popular tools used by DevOps teams. And most importantly, identity teams need the ability to centrally manage identity as the DevOps environment scales.
Containers. This is a prerequisite for DevOps. Can your identity platform be pre-packaged and consumed in any type of app environment? This is not the case with many IDaaS vendors.
Tools. Learn what tools your DevOps teams are using. Some of the popular platforms include GitHub, Docker and Kubernetes.
Management. Do you have a centralized way of managing identity and understanding how it's deployed in a DevOps environment? This is crucial, especially if you need to make an update or change at scale.
The Benefits of Identity within a DevOps Environment
When identity is deployed via containers, it provides the operational flexibility and efficiencies that can make a tangible impact on the business. There are also significant infrastructure savings. Here are some of the key benefits you will see by enabling identity within a DevOps environment:
Deploying configurations as code eliminates the need for manual processes and the errors that can flare up as a result of them. This allows your teams to deploy identity with confidence in a repeatable manner.
Tools like Docker and Kubernetes are platform agnostic and based on open standards, providing your organization with a level of independence.
You can leverage cloud scaling capabilities to meet demand, SLAs and other defined thresholds. Auto-scaling and auto-healing features optimize your spend so that you are using only the capacity you need.
If done right, you can deploy your identity solution to a new app environment in minutes. You can also decrease the time it takes to make a configuration change in production, push out new features continuously, and pursue zero downtime upgrades.
You can see these benefits in a real-world example. One of our customers, a multinational media conglomerate, chose the DevOps approach when modernizing their legacy identity system. Initially, they found that their staff resources were too limited to manage and re-architect another enterprise on-premises installation, but they wanted more configuration options than the ones provided by other IDaaS vendors.
By utilizing DevOps principles in their identity infrastructure, the company was able to manage their enterprise needs at scale without overwhelming their staff. They enabled autoscaling to meet target CPU utilization requirements and set up instances across multiple regions to minimize latency, while also protecting against possible outages of their cloud infrastructure. And they did so with savings of more than $1 million vs non-DevOps identity alternatives.
Embedding identity into your DevOps processes does not limit you to any one environment. Anywhere that you can put a Docker image, you can put identity. Docker images can be deployed in any cloud, including your AWS, Azure and Google clouds.
Docker images can also be deployed directly to your on-premises datacenter for mission-critical use cases where uptime needs to remain under your strict control. Whatever environment you choose, DevOps ensures that you easily move and re-apply your identity infrastructure when needed.
Drive Your Business Forward
When identity is embedded in your DevOps processes, it provides your organization with a new level of agility and independence. No longer is your identity organization limited by staff shortages, app onboarding delays, identity silos and other operational inefficiencies. Instead, your identity team can rapidly respond to the needs of the business and where it wants to go.
This can only be accomplished if you have the right identity capabilities to deal with the technologies of today. That’s why it’s important to consider workforce identity solutions that can not only enable DevOps processes but also deliver tools for your current workforce and connect with any user, any app, any directory, on any device. To find out more about the overall requirements your identity solution should have, please see our authentication authority white paper.